Faculty of law blogs / UNIVERSITY OF OXFORD

Crypto-assets: Towards a Comprehensive Regulatory Framework


Elisabeth Noble
Senior Policy Expert, European Banking Authority


Time to read

4 Minutes

In 2019 crypto-asset activities moved squarely within the sights of the EU Commission and international standard-setting bodies and decisive regulatory action can be expected in the year ahead.

Although much has been written about virtual currencies and, more recently, proposals for so-called stablecoins, it is the proliferation of financial sector experimentation with crypto-assets in combination with distributed ledger technology (DLT) that has caught the eye of regulators. 

Pilots involving the issuance of bonds and other securities, cross-border payments and trade finance have demonstrated the potential for efficiency gains and proven technical viability. However, the absence of clarity about regulatory treatment and supervisory expectations is currently posing a major barrier to market assimilation. This problem is exacerbated cross-border as a result of jurisdictional divergences on matters such as the permissibility and classification of activities, operational resilience requirements and both accounting and tax treatment. Differential standards have also left consumers and investors exposed to inconsistent levels of protection and risk regulatory arbitrage. In time, new threats to financial stability could emerge.

Recognising these issues, international regulatory bodies have swung into action.

The European Commission, following advice from the European Banking Authority (EBA) and European Securities and Markets Authority on the applicability and suitability of current EU law to crypto-assets and following the Joint Statement by the Council and Commission on stablecoins, launched on 19 December 2019 a consultation on an EU framework for markets in crypto-assets. The consultative document is wide-ranging and includes questions about the classification of crypto-assets, the treatment of specific crypto-asset activities (eg, trading platforms, exchanges and custodial wallet services), the legal validity of token transfers and the application of legislative measures such as the AMLD, CSD, DGSD, EMD2, FCAD, PSD2, and SFD. 

At the international level, the BCBS has initiated work on the prudential treatment of crypto-assets and the FATF plans a review of the risk-based approach to virtual assets and virtual asset service providers. CPMI-IOSCO are reviewing the suitability of the principles for financial market infrastructures and the FSB will report in July 2020 on the outcome of its stocktake of supervisory and regulatory approaches to stablecoins following the G7 report.

This work is not only timely but essential to facilitate the scaling up of crypto-asset activities. Although there is a tendency for market participants to resist regulatory action for fear of hampering innovation, common standards are the most effective—and in some cases only—means to instil consumer/investor confidence, provide legal certainty, support interoperability and overcome key barriers to cross-border activity. 

For example, as identified by the European Commission’s Expert Group on Regulatory Obstacles to Financial Innovation, there is an urgent need to address conflicts of law issues concerning the proprietary situation of crypto-assets (eg, re conflicts concerning ownership, insolvency, applicable tax law) and the finality of transfers (see recommendation 8). Although systems of self-regulation can establish principles to deal with some of these matters, depending on the relative bargaining power of the relevant parties, the terms may leave some prejudiced. Additionally, there is no guarantee that the principles will be upheld by a court in the event of dispute. Regulatory action on the other hand offers a means to achieve fair, proportionate and legally robust solutions.

The work is also essential if ‘technological neutrality’ is to be delivered in practice. In simple terms, financial regulation and supervision should not prefer or prevent the adoption of a specific technology nor should it prefer or prejudice a specific business model or service provider. Equally, where activities present similar risks, regardless of the technology used, they should be subject to similar regulation and supervision. 

To achieve this, regulatory bodies need to be proactive in responding to technological developments not only to enable the opportunities presented by innovative technologies to be realised but to ensure the regulatory framework remains fit for purpose in the digital age. 

The EBA’s work on institutions’ outsourcing to cloud service providers presents a good example. As early as 2017, the EBA issued an opinion to help prepare supervisors for the use of cloud outsourcing thus promoting a common and open approach to this technology across the EU, facilitating adoption. The EBA subsequently integrated the opinion in guidelines on outsourcing practices to ensure a consistent approach to the management and oversight of operational risk thereby enabling the use of technology whilst achieving effective risk mitigation. 

In the context of crypto-assets, ‘technological neutrality’ has not yet been achieved. By way of example, the current regulatory framework typically assumes, or may even require, the use of specific intermediaries (eg, a central securities depository) for the performance of specific functions in relation to a transaction, whereas new technological solutions can offer alternative effective risk management mechanisms.

Beyond substantive requirements, regulatory bodies and their political masters need to be prepared to carry out critical assessments of the adequacy of the supervisory architecture. 

The traditional approach of supervisory silos based on activities and geographic presence is becoming increasingly strained by new business models which leverage innovative technologies and access to data and combine different forms of financial and non-financial activity to serve, potentially without any physical presence, clients across the world. Such business models raise serious questions about the adequacy of existing supervisory models (eg, the composition, objectives and powers of supervisory colleges) taking into account not only traditional prudential, conduct of business and AML/CFT considerations, but also data protection and competition (IMF NOTE/19/02 reflects on this issue more broadly in the context of FinTech). 

A truly cross-jurisdictional and multi-disciplinary dialogue is therefore to be encouraged as the international regulatory community moves to develop a comprehensive framework for the regulation and supervision of crypto-asset activities. 

Elisabeth Noble is a Senior Policy Expert at the European Banking Authority.

* The views expressed in this blog are mine alone and should not be taken to represent those of the European Banking Authority (EBA) or to state EBA policy. Neither the EBA nor any person acting on its behalf may be held responsible for the use to which information contained in this publication may be put, or for any errors which, despite careful preparation and checking, may appear.



With the support of